Default language.

Enabling cross launch to mid tier

If the mid tier is running on version 18.05 and later, a user might not be able to cross launch into mid tier because of the HttpHeaderSecurityFilter filter. This filter blocks the x-FRAME-OPTIONS header when you try to launch mid tier from different applications.

To overcome this issue, you can use either of the following options:

  • In the Centralized configuration, set the arsystem.security_iframe_allowfromurls parameter to either Self or URI.
  • From the HttpHeaderSecurityFilter filter in the web.xml file located in the <Install directory>\BMC Software\ARsystem\midtier\WEB-INF folder, modify the ClickJackMode parameter.

The settings in the Centralized configuration takes precedence over the settings in the web.xml file.

To enable cross launch to mid tier by using Centralized Configuration

Use the arsystem.security_iframe_allowfromurls parameter in the Centralized Configuration. 

MT.png

Perform the following steps:

  1.  Open AR System Administration > AR System Administration console.
  2. Click System >  General >  Centralized configuration.
  3. From the Components Name field, arsystem.bmc.arsys.midtier component.
    This component is displayed only if you configure the AR System server by using the Centralized Configuration.
  4. From Setting name, select the arsystem.security_iframe_allowfromurls parameter.

  5. Use either the Self or URI option to set the parameter value. 
    The following table describes the options available:

    Option

    Description

    Self 

    (Default) Enables the current site to render the content.

    URI 

    Allows the specified URI to render the page. You can pass multiple URIs.
    The URIs must be space-separated.

    For example: http://www.example.com/http://www.example2.com/

    None 

    Prevents any domain from rendering the content.

To enable mid tier cross launch by using the web.xml file

To enable mid tier cross launch, use the ClickJackMode parameter in the web.xml file.

Refer to the following screenshot:

Enable Cross launch.png

To disable mid tier cross launch by using the web.xml file

To disable mid tier cross launch, use the ClickJackEnable parameter using the web.xml file.

Refer to the following screenshot:

disable-cross-launch.png

Related topic

Security-administration


 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*